CVE-2026-30461

Published April 15th, 2026

View on NVD ↗

CVSS v3

8.3

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/Installer.php and the function add_git_submodule.

daylightstudio/FUEL-CMS

A CodeIgniter Content Management System

GitHub

1.02K